From 4ce3cc34281abd0a94fa7b521c4605a0317e2504 Mon Sep 17 00:00:00 2001
From: Roman Gonzalez <rgonzalez@f2c2xd6x5c.lan>
Date: Wed, 21 Jun 2023 11:37:50 -0700
Subject: [PATCH] fix(darwin): use chown only on non user mode

On the latest version of macOS (Ventura 13.4 as of this date), this
change ownership will always fail with the error:

> Failed to mount filesystem for secrets: Cannot change owner/group of '.../secrets.d' to 0/0: chown .../secrets.d: operation not permitted
---
 pkgs/sops-install-secrets/darwin.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/pkgs/sops-install-secrets/darwin.go b/pkgs/sops-install-secrets/darwin.go
index f1c2657..95f3662 100644
--- a/pkgs/sops-install-secrets/darwin.go
+++ b/pkgs/sops-install-secrets/darwin.go
@@ -102,8 +102,10 @@ func MountSecretFs(mountpoint string, keysGid int, userMode bool) error {
 	//	}
 	//}
 
-	if err := os.Chown(mountpoint, 0, int(keysGid)); err != nil {
-		return fmt.Errorf("Cannot change owner/group of '%s' to 0/%d: %w", mountpoint, keysGid, err)
+	if !userMode {
+		if err := os.Chown(mountpoint, 0, int(keysGid)); err != nil {
+			return fmt.Errorf("Cannot change owner/group of '%s' to 0/%d: %w", mountpoint, keysGid, err)
+		}
 	}
 
 	return nil